Quantum-inspired cascaded discrete-time quantum walks with induced chaotic dynamics and cryptographic applications

Designing efficient and secure cryptosystems has been a preoccupation for many scientists and engineers for a long time wherein they use chaotic systems to design new cryptosystems. While one dimensional (1-D) chaotic maps possess powerful properties compared to higher dimension ones, they are vulnerable to various attacks due to their small key space, chaotic discontinuous ranges, and degradation in chaotic dynamical behaviours. Moreover, when simulated on a computer, every such chaotic system produces a periodic cycle. Meanwhile, quantum random walks exhibit the potential for deployment in efficient cryptosystem design, which makes it an excellent solution for this problem. In this context, we present a new method for constructing substitution boxes (S-boxes) based on cascaded quantum-inspired quantum walks and chaos inducement. The performance of the proposed S-box scheme is investigated via established S-box evaluation criterion and outcomes suggest that the constructed S-box has significant qualities for viable applications information security. Further, we present an efficient scheme for pseudo-random numbers generation (PRNG) whose sustainability over long periods remedies the periodicity problem associated with traditional cryptographic applications. Furthermore, by combining the two mechanisms, an atypical image encryption scheme is introduced. Simulation results and analysis validate that the proposed image encryption algorithm will offer gains in many cryptographic applications.

algorithms 20,21 . While physical quantum computing hardware are as yet unavailable, quantum inspired frameworks provide platforms for simulating pseudo-quantum algorithms, which, within the limits of bounds imposed by the capability of digital computers, can to execute some of the quantum mechanical properties ascribed for the potency of quantum computation [22][23][24] . Moreover, based on the rationale that computation of the position probability distribution of a quantum walker requires computation of probabilities of frequencies (i.e. the number of detections at a given graph vertex divided by the total number of detections). This requires sufficient number of repetitions of the experiment in order to retrieve the probability distribution. Among others, this has motivated the use of quantum-inspired discrete-time quantum walks have been presented as viable resources useful in designing chaotic system for image encryption algorithms [25][26][27][28][29] . This procedure allows us to consider a quantum-inspired discrete quantum walk Q as a nonlinear mapping  Q H P : where H is a Hilbert space in which the walker exists and P is a set of probability distributions. At this juncture, we note that our notion of a quantum-inspired approach implies use of probability distribution of a quantum walk obtained from numerical simulations using digital resources.
The nonlinear behaviour of quantum-inspired walks described above together with the deterministic nature of state growth via unitary operators as well as the high sensitivity of quantum walks to initial conditions support the treatment of quantum-inspired discrete quantum walks as discrete-time and discrete-value chaotic systems 25,26,30 .
Inspired by the excellent dynamical properties of quantum walks, the limitations of traditional cryptosystems can be ameliorated via design and construction state-of-the-art techniques for effective information security applications. In addition to other benefits, a main contribution of this study is to explore the integration of quantum-inspired of quantum walks into traditional cryptographic applications. Hence, we present a bi-level cascaded quantum walks protocol as a quantum-inspired random number generator with chaos inducement. The performance of the proposed S-box scheme is investigated using established criterions, results of which suggest that the constructed S-box is viable for multifaceted applications in information security. Similarly, the analyses of the proposed PRNG suggest its efficiency in generating sequences that remedy the periodicity problem associated with traditional cryptographic applications. Finally, we deploy the dual cascade quantum walks and chaos systems for applications in image encryption. Throughout, simulation-based validation is used to assess the performance of the proposed scheme. Outcomes from our applications for S-boxes construction, pseudo-random number generation, and image encryption validate the choice of cascaded quantum walks and chaos inducement for various cryptographic applications. At this point we clarify that this study is focused on exploiting properties of quantum walks for use in a quantum-inspired setting for potential applications in traditional cryptography. Hence, the quantum mechanical implementation of quantum walks is deemed outside the purview of this present work. Nevertheless, we enrich our bibliography by including interesting studies on such implementation 19,20,[31][32][33][34][35][36][37][38][39][40] from where interested readers can obtain further details.

S-box construction.
Designing powerful S-boxes is an important critereon for realisation of secure cryptosystems and it is a major component of nonlinear transformations, which are the fulcrum of confusion and diffusion analysis for assessing well-designed ciphers 41 . Therefore, designing S-boxes based on secure mechanisms plays an important part in modern cryptographic tasks 42,43 . Consequently, it is widely investigated. For example, in a recent effort EL-Latif el al. 30 explored construction of secure S-boxes based on one-dimensional two-walker QWs on a circle. Inspired by the potency of quantum technologies, in this section, we propose a mechanism to augment some shortcomings of standard S-box construction and integrate our upgraded design into a cascaded QW and chaos inducement system for designing efficient cryptographs.
The following steps outline the construction of an M-length S-box.
Step 1: Choose initial seed for x 0 and a value for the control parameter λ, to iterate the logistic-sine map over N times needed to generate sequence X { } i .
Step 2: Choose initial conditions and key parameters ( α α β β v t , , , 2 ) for running QWs on a circle with v vertices to produce a probability matrix and t is the number of steps for running QWs. Hence, the coin operator Ĉ constructed by the key parameters β 1 and β 2 , while the initial states of the two walkers are , respectively.
Step 3: Resize P to QW N , where N is the number of iterated chaos map. Here, we recall that mathematically no error arises from scaling a matirix with fixed dimentions several times. Targeting such a property, in this step, we make use of the bicubic interpolation resizing 44 , which has zero error during the scalling process etc. This attribute allows it to accommodate prolonged iterations in the chaos map generation.
Step 5: Perform the bitwise XOR operation on the sequences SX { } i , and SQW { } i to produce the sequence S { } i with range from 0 to M-1.
Step 6: Collate the first M dissimilar elements from the sequence S { } i to construct the desired S-box.
The constructed 16 × 16 S-box costructed based on the aforesaid initial conditions and control parameters is presented in Table 1, while Table 2 provides comparison of the performance of the constructed S-box alongside those some published schemes alongside the proposed one in terms of standard parameters of strict avalanche (SAC), nonlinearity, bit independence (BIC), as well as differential (DP) and linear (LP) approximation probabilities.
PRNG generator. Pseudo-random number generation (PRNG) plays a fundamental role in creating powerful cryptographic schemes and, as such, they attract a great deal of attention from many cryptographers and engineers. The key feature of PRNG is to provide long streams of numbers embedded with randomness features. PRNG has a vital impact on the robustness of cryptographic tasks and in mitigating attempts to violate, tamper with, or regenerate the secret information being protected. The common approach employed in designing PRNG generators is based on using chaos maps, which is a simple (in terms of definition), yet disorienting approach intended to circumvent infractions to sensitive information 9,11 . Previous efforts, such as 45 , profit from the utility of quantum walks to overcome established limitations of traditional chaos maps. Furthermore, Yang et al. 45 proposed a novel PRNG mechanism based on quantum walks.
Motivated by the effort in 45 , in this section, we discuss our proposed mechanism for PRNG sequence generation whose outline is presented in Fig. 1 and execution is accomplished via the five steps enumerated in the sequel.
Step 1: Select initial seed for x 0 and a value for the control parameter λ, to iterate the logistic-sine map over N times needed to generate sequence X { } i .
Step 2: Select initial conditions and key parameters ( α α β β v t , , , 2 ) for running QWs on a circle with v vertices to produce a probability matrix , respectively.
Step 3: Resize P to QW N , where N is the number of iterations for the chaos map as well as the length of desired PRNG sequence.
Application of proposed cascade protocol in image encryption. The intuition to utilise chaos systems in image encryption is not new, including many employing one-dimensional or higher dimension chaotic systems to generate a sequence of random numbers for construction of a cipher image that have been broached in [12][13][14][15][16] . However, most of these approaches produce images that are vulnerable to various attacks due to their narrow key-space allowance and imprecise mathematical construction. Consequently, to ameliorate this, some interesting image encryption algorithms based on the dynamical properties of QWs were proposed in 25,26 and 27 .
In this section, we exploit the potency of quantum computing technologies to ameliorate some established shortcomings inherent to existing chaos systems. Our proposed image encryption technique utilises the S-box construction and PRNG sequence generation methods presented in earlier sections of this study to substitute   www.nature.com/scientificreports www.nature.com/scientificreports/ and permutate each pixel of a plain image and construct its encrypted version. These procedures and their perfomance analysis are further elucidated in the remainder of this section.
The general framework for the proposed image encryption technique is illustrated in Fig. 2, while the encryption procedures are outlined in the following steps. performance analysis. To validate the proposed strategy, we simulated implementation of the image encryption algorithm using a dataset comprising of three greyscale (Bridge, Boat and Baboon) and three colour images (Sailboat, Tree and House) sourced from the Signal and Image Processing Institute dataset 46 and each of 256 × 256 dimensions. These test images are presented in Fig. 3(a-f). Initial values for running the QWs to construct S-boxes and generate PRNG sequences were set at  www.nature.com/scientificreports www.nature.com/scientificreports/ The resulting encrypted versions of the test images are presented in Fig. 3(g-m) and based on the pairing of each original and encrypted image pair we undertook a retinue of statistical analysis whose results are presented and discussed in subsequent subsections.
Correlation of adjacent pixels. Correlation coefficient, C xy , is used to measure concordance between two adjacent pixels X and Y in an image. Theoretically, a pristine, i.e. unencrypted, image should have C xy values close to 1 in each direction (horizontal, vertical and diagonal) whereas a well encrypted image should have values close to 0 [47][48][49] . To compute C xy for the encrypted and original images in each direction, we randomly selected 10,000 pairs of neighbouring pixels and used (3) to quantify their correlation. Pixel change rate. Another tool used to evaluate the effect of changing pixel values in an original image on its corresponding encrypted one is number of pixel change rate (NPCR), which is computed using (4).
where M denotes total number of pixels in the image. The fact that, as reported in Table 6, all the test images (in Fig. 3(a-f)) produced NPCR values of approximately 99.60% shows that the proposed encryption strategy is very sensitive to small changes in pixel values in the original image.
Histogram analysis. Histogram analysis is another widely used measure in image analysis that reflects the frequency distribution of pixel values in an image. A well-designed image encryption algorithm should have uniform histograms for different encrypted images, which is an indication of resistance against statistical attacks. Figures 8 and 9 present histograms for the original and encrypted versions of the greyscale images (in Fig. 3(a-c)) as well as the coloured colour Sailboat image in Fig. 3(d). Interpreting these plots, we deduce similarity in the distribution for the encrypted images. This is an affirmation that the encrypted images consist of flat-out noise. Meanwhile, the variability in the histograms of the original images indicate the presence of different levels of detail in those images. From the histogram analysis there is no relation between the encrypted image and its original one. Therefore, the proposed image encryption mechanism could resist histogram analysis attacks.
Information entropy. Information entropy, E(X), is an important tool to evaluate the efficiency of an image encryption algorithm. As expressed in (5), E(X) is a statistical measure of the distribution of pixel values for each level in an image.  Table 4. Correlation coefficients for adjacent pixel pairing for greyscale images (in Fig. 3(a-c)).  Table 5. Correlation coefficients for adjacent pixel pairing for colour images (in Fig. 3(d-f)).  27 . Consequently, for an efficient encryption mechanism, the entropy value for the encrypted images should be close to 8. Table 7 presents the entropy values for the pristine and corresponding encrypted images used in our experiments (i.e. Fig. 3). As targeted, the information entropies for almost all the pairings is expected to be 8 bits (Table 7). This certifies the viability of the proposed algorithm to withstand entropy-based attacks.  www.nature.com/scientificreports www.nature.com/scientificreports/ Key space analysis. Theoretically, quantum-inspired quantum walks have an infinite key space 25,26,45 , but due to the finite precision of digital computers, the key space is limited. Therefore, the key space size is evaluated relative to the 10 −16 precision of digital computers, which is acceptable for quantum insipired numerical simulation of quantum walks on digital computers 50,51 . However, it is highly unrealistic for actual physical implementation of a quantum walk, which would be the goal of future quantum technologies. Nevertheless, such simulation would suffice for classical-based quantum inspired simulation of our proposed random number generator.

Image
A well-designed encryption algorithm should have adequate key space allowance to withstand brute-force and other attacks intended to violate its integrity. In our algorithm, a plain-image is substituted with a PRNG sequence (from the presented PRNG mechanism), while the proposed S-box mechanism is used to permutate each pixel of  www.nature.com/scientificreports www.nature.com/scientificreports/ the substituted image, which combined coalesces as the encrypted image. Therefore, in addition to possessing key parameters for generating PRNG, the proposed algorithm is ingrained with key space needed for constructing the S-boxes (key parameters are used both for generating PRNG sequence and constructing S-box). Since both the PRNG sequence generation and S-box construction schemes are components of the proposed cascade quantum-inspired quantum walks on a circle and logistic-sine map technique, which both possess key parameters ( α α β β λ v t x , , , , , , , ), then the key space for generating PRNG or constructing S-boxes is 10 128 and, therefore, the key space allowance for the image encryption algorithm presented earlier is 10 256 , which is adequate for any encryption algorithm. Table 8 provides a comparison of key spaces for the proposed mechanism in comparison with similar approaches. Outcomes therefrom demonstrate our proposed mechanism has a superior key space allowance.
As suggested by the guideline in 52 key space must be greater than  2 10 100 30 for it to exhibit sufficient security against brute-force attacks. In our case, the proposed approach has a key space of 10 256 which consists of all possible keys. Consequently, to mitigate against the exhaustive search-attacks, a good cipher should have a key space size of > k 10 98 . This conforms with earlier guidelines in 25,26,45 . Based on the proposed approach, we can conclude that key size 10 256 is adequate to forestall brute-force attacks in today's and near future's computers.
Key sensitivity analysis. To test the key sensitivity of the proposed image encryption algorithm, we demonstrate the decryption process for the encrypted Bridge and Sailboat images using several keys for constructing S-boxes and generating PRNG sequences. The results obtained therefrom are presented in Figs. 10 and 11, where Figs. 10(a) and 11(a) demonstrate near zero error during the scaling process for the probability matrix P.

Discussion
Discrete-time quantum random walks are regarded as nonlinear mappings between quantum states and position probability distributions. They provide an imprint of chaotic behaviour, which are mathematical properties that can be exploited in constructing robust cryptographic applications. The study presented explores the potential for deploying quantum-inspired quantum random walks (QiQw) in the design of efficient cryptosystems. We have presented three quantum-inspired mechanisms that cascade quantum walks as a random number generators  Table 6. NPCR test results.
Scientific RepoRtS | (2020) 10:1930 | https://doi.org/10.1038/s41598-020-58636-w www.nature.com/scientificreports www.nature.com/scientificreports/ with logistic-sine map to ameliorate problems of periodicity in chaotic ranges, narrow key space and chaotic discontinuous ranges that are associated with traditional cryptosystems. First, we presented a mechanism for constructions of S-boxes with prospects for wide-ranging applications in security technologies. Second, we proposed a scheme to generate PRNG sequences that remedy the periodicity problem encountered in cryptographic applications. Third, we coalesced the two strategies into a cascaded quantum walks on a circle with logistic-sine map and implemented it as an image encryption algorithm. Based on simulations of our proposed schemes, we undertook extensive statistical analysis to validate the efficiency, reliability and utility of our proposed techniques alongside established methods employed in different cryptographic applications. With further improvements, the study presented provides useful insights to integrate state-of-the-art quantum-inspired quantum resources into building efficient, secure, and robust future cryptography technologies.  Fig. 3(d)).

Image
Original Encrypted

Methods
Rudimentary background required for basic understanding of the proposed cascade quantum-inspired quantum walks and chaos system are highlighted in this section. Furthermore, a succinct overview on the execution of discrete-time quantum walks on a circle as well as the utility of logistic-sine map as a chaos system are expounded.
Discrete-time quantum walks on a circle. Unlike in classical (i.e. digital or non-quantum) walks, the state of a quantum walk is a coherent superposition of several positions (quantum superposition of quantum walks) 53 , but much like their classical (i.e. digital) equivalents, there are two categories of quantum walks: discrete-time quantum walks and continuous-time quantum walks 20 . In this study, we focus on discrete-time quantum walks (or simply QWs), which have shown viability in wide-ranging cryptographic applications 18,19,25,26,28,30,45,[54][55][56][57][58]  . The initial state of the system ψ | 〉 0 can be transformed into another state via application of the evolution operator Û for the whole quantum system Figure 10. Decrypted Bridge image (in Fig. 3(g)) for several S-box keys.
x The operator Ĉ refers to a 2 × 2 coin operator, whose general case can be defined in (8).
cos sin sin cos (8) Hence, the final state ψ | 〉 r after t steps can be expressed as The probability of finding the walker at position x after t steps can be stated as  where ψ | 〉 0 is the initial state of the quantum system, ∈ P x t ( , ) [0, 1] and ∑ = = P x r ( , ) 1 x v 0 . Another attractive characteristic of multi-walker quantum random walks is that, in the case of interacting walkers, the dimension of the Hilbert space of an n-particle quantum walk (composed of distinguishable walkers) increases exponentially with the number of walkers, a property that supports increased entanglement. These properties are unattainable in classical random walks. Consequently, in our proposed model, the impetus for use of two instead of one quantum walker is its offer of increased keyspace allowance, which is crucial for designing efficient cryptosystems. Further details on interacting two quantum walks on a circle can be obtained from 19,59 .
In our proposed model of quantum walks, two coins | 〉 coin 1 , | 〉 coin 2  will be used. The combined shift operator for the system is = ⊗ˆŜ S S 1 2 19,25,26 , where Ŝ 1 and Ŝ 2 are shift operators for | 〉 walker 1 and | 〉 walker 2 , respectively. Following the same rationale, we shall use two coin operators, one for each coin | 〉 coin 1 , | 〉 coin 2 . Therefore, the combined coin operator is a Unitary operator that can be written as an order 4 matrix 19,25,26 . In this study, we have chosen the coin matrices presented in Eq. 11. An example illustrating the probability distributions of running one-dimensional two-particle quantum walks on a circle with 11 vertices is presented in Fig. 12, where the initial position is | 〉 0 p and the initial coin operator Ĉ constructed by β π = /6 1 and β π = /3 2 in formats stated in Eq. 11. It is obvious that, for a circle with only odd v nodes, the probability is nonzero in any position if the number of steps t is greater than or equal to the number of nodes v. In this study, we utilised the probability distribution generated from using quantum-inspired two-walker quantum walks in the cascading system whose construction is based on the coherent superposition of several positions of quantum walks rather than constructions from a mathematical model as obtains in chaotic maps. Like other quantum measurement operations, measurements to recover states of quantum walks, involve retrieval of probability distributions by repeating the measurement process many times, which is not completely accurate. Meanwhile, as clarified in our introductory commentary, our notion of quantum-inspired quantum walks entails the use of probability distributions that are obtained via numerical simulations using digital resources. Nevertheless, like any cryptographic mechanism, if the key parameters of the quantum-inspired quantum walk are disclosed, then anyone can access the probability distribution with appreciable precision. On the other hand, if the parameters are unknown, but a part of the probability distribution is disclosed, then it is very difficult to estimate the key parameters or the recover the probability distribution because our quantum-inspired quantum walk is a one-way mechanism 18,19,26 . Consequently, it is envisioned that the suggested cryptographic applications would offer additional layers of tamper-proof security within the precepts of quantum-inspired quantum walks.
Discrete-time chaotic systems. As argued in earlier sections of this study, one-dimensional chaotic maps are considered in this study because they offer enhanced periodicity in chaotic ranges, narrow key space and Here, it is deducible that for a circle with only odd v nodes, the probability has nonzero in any position if the number of steps t is greater than the number of nodes v. (2020) 10:1930 | https://doi.org/10.1038/s41598-020-58636-w www.nature.com/scientificreports www.nature.com/scientificreports/ chaotic discontinuous ranges when it is used in cryptographic systems 60 . However, the same one-dimensional chaotic maps exhibit powerful benefits in terms of high-speed processing, easy design and simple structure.
A widely used one-dimensional chaotic map is logistic-sine map 16 , which is expressed mathematically as where λ ∈ [0, 4] is the control parameter, and x 0 is the initial condition. Depending on the set of times T, chaotic dynamical systems can be divided into two classes, i.e. either continuous-time dynamical system (i.e. when T = R) or discrete-time dynamical system (if T = Z). Our study focuses on applying chaotic dynamical systems defined in discrete time, since they possess low computational complexity and do not need synchronization as in continuous-time dynamical system 1-3 .